An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerability that can change the admin’s password via the password/ URI,